cluster: fingerprint parsing: adapt to changed openssl output

currently updating the fingerprints using `pmgcm update-fingerprints`
runs into an error indicating that parsing of the remote node's
fingerprint fails

The error is due to changed output in openssl's x509 command,
introduced in commit:
91034b68b39e3525f09fb263b9272de410a3ba4c
in openssl upstream [0]

Note that in that case it would equally work to change the parameter
from `-sha256` to `-SHA256` in the `openssl x509` command above

The change seems small enough to warrant pulling it into stable-7 as
well (although the issue should not occur in systems upgraded
according to our howtos).

[0] https://github.com/openssl/openssl/commit/91034b68b39e3525f09fb263b9272de410a3ba4c

Reported-by: Martin Maurer <martin@proxmox.com>
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Removed redundant A-F from regular expression.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>

diff --git a/src/PMG/Cluster.pm b/src/PMG/Cluster.pm
index e9a605462ff2e3ae29c7bbbf3db3ec43ecd8d697..015e66addbf750ee06b7cd345beb4db512ba23cb 100644 (file)
--- a/src/PMG/Cluster.pm
+++ b/src/PMG/Cluster.pm
@@ -307,7 +307,7 @@ sub get_remote_cert_fingerprint {
     eval {
        PVE::Tools::run_command($ssh_cmd, outfunc => sub {
            my ($line) = @_;
-           if ($line =~ m/SHA256 Fingerprint=((?:[A-Fa-f0-9]{2}:){31}[A-Fa-f0-9]{2})/) {
+           if ($line =~ m/SHA256 Fingerprint=((?:[a-f0-9]{2}:){31}[a-f0-9]{2})/i) {
                $fp = $1;
            }
        });